Month: November 2010

Are you ever working on a server and you wander away for a few minutes only to come back and find that you’ve been disconnected and your session terminated? Never something fun to work through, especially if you’re installing and configuring a software product.

In most enterprise settings this is something that you’d find in a global policy object enforcing a particular amount of time that you’re able to be Idle prior to being booted from the server. Also there’s another setting regarding the maximum connection timeout – basically how long until your session gets trashed because you decided after you’d been booted for being idle you weren’t going to log back in.

If you’re searching around for these settings, they can be found through your friendly neighborhood group policy object at:

Specifically you’re looking to see what the settings for the following policies are:

Set time limit for disconnected sessions

Set time limit for active but idle Remote Desktop Services sessions

Set time limit for active Remote Desktop Services sessions

Terminate session when time limits are reached

While they may all seem friendly, upon closer examination you’re likely to find that one of these policies is your culprit (more than like the second and third in conjunction with the fourth).

However, oddly enough some folks still use security templates to tighten the policies on their servers. In which case, there’s also a Registry edit required and a reboot. Note you should always backup your registry before you make any changes – not for the squeamish of heart.

You’ll find this information along with other helpful information for allowing and disallowing things like the use of the Clipboard (fDisableClip) in the registry branch of:

Note that it’s still called Windows NT and also Terminal Services – I guess that some things never change 🙂

Specifically you’re looking for the following registry strings to modify:

MaxDisconnectionTime

MaxIdleTime

The decimal values that correspond to these are counted in milliseconds. For instance, if the MaxDisconnectionTime is set to 300000, this corresponds to 5 minutes (60 seconds/minute x 1000 milliseconds/second x 5 minutes). If you don’t want to be disconnected or have a max idle time, just set the value to 0 and you’ll be all set.

Happy Implementing!

And if you’re wondering where the title for this blog post came from, check out the Fireside Theater’s “We’re All Bozos On This Bus” radio show. Has something similar where the robot gets unplugged 🙂

We’ve all been there, we get a call from our client, customer, project manager or colleague at 630 in the morning stating that the portal is down. Typically this is done in such a manner that involves a terse conversation asking how long you’ve known the system was down and when you were going to alert other folks… Granted dependent on the systems monitoring software in your system you may or may not have received an alert. In my case you’re dreaming of a white sandy beach and wondering why there’s a ringing noise coming from the handle of Patron in your hand.

Nevertheless, once you get down to details though, I know that for me, I tend to find myself investigating such outage issues by looking in a few different buckets or areas first – all of which tend to deal with other systems that SharePoint relies on…

1 – Network Systems – did a network administrator change the VLAN or network route that the SharePoint products and technologies platform rides on top of to something that passes directly into a firewall that drops every frame trying to pass through? did a cable get gnawed through by an animal? did someone unplug the RJ45 altogether leaving your system not responding at all?

2 – DNS – is there a Domain Name Service issue where the names are no longer resolving properly? did someone remove a CNAME or A Record? did the MX record somehow get munged due to policy causing incoming e-mail to cease operating? did someone forget to renew your DNS record altogether? are your SSL certs invalid now because the CA chain is broken somehow thanks to DNS resolution (what’s that, you can’t access the CRL?)…

3 – Storage Fabric Operations – is there a problem with the storage fabric that’s hosting your SQL content databases? did someone cut the fiber inadvertently or blow away your storage zone? Or did a disk controller pass away in the night, overworked by backups? All fun things that are a ton of fun to explain… “It’s not the SharePoint platform, it’s just the storage where all of the databases that power the content seem to be gone…”

4 – Active Directory – did the service accounts running the SharePoint platform suddenly get changed such that their passwords expire after being told they were set never to expire? the accounts themselves are expired somehow? they were enabled for smartcard interactive login (which effectively scrambles the password to 256 random bits)? the service principal name (SPN) associated with a URI for Kerberos to work was removed?

5 – Group Policy – did the Network administrator controlling all of the domain policy suddenly get a zero day exploit update tossed on their plate that’s rated “Critical” by an Information Awareness Manager or Information Systems Security Officer? Did they push the patch without alerting you the IT Pro that’s watching over the health and welfare of your system? Or did someone perhaps just remove different policies assigned to OUs and decide to make an über-policy that trumps everything without checking what the RSOP was?

Rather than drone on regarding several other buckets I check, I’d say that on average those are the five that I check first… More often than not I find that the 5th is typically what happens where the resultant set of policy sets a policy such that either client systems accessing the SharePoint portal are no longer capable of integrating as they were meant to (“Hey where’d my SharePoint Sites in Word go?”) or such that the Windows Server operating system hosting SharePoint now has a setting that causes certain components to cease to operate (always fun when a network admin changes a system to disable loopback checking in turn killing search crawling, right?).

Fear not though, Microsoft has a tool out there in the Azure cloud to assist with tracking down the Global Policy Object that is causing your system grief – Global Policy Search. It’s available at: http://gps.cloudapp.net/

This is definitely one of my favorite cloud apps out there that assists in quick and easy searchable and filterable results to track down the GPO that’s the troublemaker to remediate issues. Give it a spin around the block and you’ll find that it’s quite helpful to have in your back pocket.

SharePoint Designer 2010 has been completely overhauled. While still the tool for managing Master Pages and Page Layouts, this session will focus on using SPD for Business Use. Learn about Workflow, Business Connectivity, External Data sources, and Data Views. This is a live session using SPD with SharePoint and not a PowerPoint session!

As SharePoint implementations and adoptions has become more popular, most organizations have begun creating a rules and processes that are absolutely needed for success. The goal for Today’s topic discussion is to share such rules and processes (Best Practices).

If you’re going to attend, please be sure to RSVP so that they’re able to have a decent head count for food.

So you’ve just gotten word from your project manager that you’ve got three weeks to plan for and implement SharePoint 2010 for your customer. They’ve got a perfectly good and working SharePoint 2007 implementation that’s hosting their data and fulfilling some of their needs, but they have plans for something new and brilliant, or at least from a functional perspective they see the benefits of SharePoint 2010 and want to use them as soon as possible.

Sure, the requirements aren’t completely filtered out and sure the hardware hasn’t been ordered, but when’s that stopped you before? Breath in a few times through the mask and prep yourself for a wild ride…

So while three weeks will be cutting it close to plan and implement, heck, who am I kidding, you’re going to need those three weeks to read through the document and begin planning your detailed plan of attack… remember to give yourself some space while you analyze the functional needs of your client to figure out exactly what authentication method will provide for the functionality of your clients technical needs. And also remember that unless you’re going To The Cloud! through a fantastic service like RackSpace Cloud Hosting services, you’re going to have wait a few weeks for hardware to show up from your favorite vendor.

To quote Airplane, “I just want to tell you both good luck. We’re all counting on you.”

So you’re working on a SharePoint engagement and you’re gathering requirements, building wireframes and other documentation for decision points and execution by clients and customers. While you’re working through all of this, be sure that you’ve got a solid tester that understands SharePoint development and the .net framework and isn’t just coming in with the mindset of “give me test cases.”

Further, make sure that your clients, customers and team members understand what is testable and what can be tested to give you an accurate metric… without defined metrics that are measurable there’s no point to testing or having success criteria as to whether or not a web part, solution package or powershell script actually are performing against a requirement that was provided. Don’t end up in the conundrum that Dilbert falls into…

So somehow I missed a tweet from Rob D’Oria, but apparently there’s an External BLOB Storage (EBS) hotfix that is necessary for SharePoint 2010 environments using EBS that was released back on September 7, 2010 with KB number 2398734. The hotfix was primarily built to address the following EBS issues:

A customized external binary large object (BLOB) storage provider (EBS Provider) crashes the worker process (W3wp.exe) when you perform one of the following actions:

– You upload a file through the Windows Explorer view or through the Microsoft FrontPage remote procedure call (RPC). – You upload files by using the Multi-File upload control. – You create a publishing site.

The hotfix also addresses a scheduled password change process issue:

The scheduled password-change process fails when you try to use the automatic password change feature for a SharePoint farm service account. This issue occurs when the service account is not a member of the local Administrators group in Windows.

After installing the hotfix, be sure to run the SharePoint Configuration Wizard to ensure that it is absorbed into the rich ether of your SharePoint fiber.

And on a side note, this hotfix does not seem to be a part of the October 2010 Cumulative Updates for either SharePoint Foundation Server or SharePoint Server.

Yes, I realize that everyone and their brother probably has posted this to their blog, but I figured that I would be the N+1 instance. So, just in case you’re searching around trying to find links for SharePoint 2010’s preliminary certifications…